prevent brute force attack xmlrpc.php
Opened this issue · 0 comments
viracochaIT commented
Hi guys
i have the follow consideration abount preventing brute force attack on xmlrpc.php and not only wp-login.php
now i insert into user.conf a new location directive but maybe i suggest to change the rules into main.conf directly
this is the line into templates:
https://github.com/EasyEngine/site-type-wp/blob/develop/templates/config/nginx/main.conf.mustache#L119
this is my suggestion:
location ~ (wp-login|xmlrpc).php
regards and good wok